Legal claims defining the scope of protection, as filed with the USPTO.
1. A method for performing a payment transaction in a secure manner, the method comprising: receiving, in a user's terminal, a secret of a payment application executing in the user's terminal, from an operator's server system, said secret having been stored in a memory at said operator's server system and sent from the operator's server system to the user's terminal responsive to an activation of the payment application by the user's terminal, activating a trust card of the payment application, the trust card being stored in a safe memory area in said user's terminal, the trust card being activated by the storing of said secret of the payment application in the safe memory area, said secret of the payment application being required to activate said trust card, receiving payment data for the payment transaction in the user's terminal, the payment data sent from a point-of-sale terminal to the user's terminal over a local communication connection, encrypting in the user's terminal said payment data to obtain encrypted payment data, transmitting said encrypted payment data over a wide area network from said user's terminal to the operator's server system, wherein the operator's server system is configured to check said payment transaction, in response to said transmitting, receiving, in the user's terminal, a second secret from said operator's server system over the wide area network if said checking produced an acceptable result, said second secret relating to said trust card and being configured to be used by the point-of-sale terminal for performing said payment transaction, and transmitting over said local communication connection, data of the trust card and said second secret, from said user's terminal to said point-of-sale terminal, wherein the point-of-sale terminal is configured to use the data of the trust card and said second secret to perform said payment transaction by the point-of-sale terminal.
2. The method according to claim 1, wherein the secret of the payment application has a validity term, during which it can be used in an authorized manner for activating the trust card.
3. The method according to claim 2, comprising: applying said trust card to form a cryptogram for verifying the payment transaction, said cryptogram being derived from said payment data and sent to the point-of-sale terminal.
4. The method according to claim 1, wherein said second secret is an ARQC cryptogram and the second secret is sent to the point-of-sale terminal.
5. The method according to claim 1, comprising: receiving a user's secret from the user, forming a code from the user's secret and said secret of the payment application received from the server system, and applying said code for performing said payment transaction.
6. The method according to claim 1, wherein said payment data is encrypted using said secret of the payment application.
7. A method for making a payment transaction in a secure manner, the method comprising: forming a secret in a server system for a payment application executing in a user's terminal, said secret for performing said payment transaction, receiving, by the server system over a wide area network, a user's secret from the user's terminal for authenticating said user, authenticating said user by the server system, in response to a successful authentication by the server system, encrypting said secret of the payment application, making said secret of the payment application available for use by the user's terminal; activating a trust card of the payment application, the trust card being stored in a safe memory area in said user's terminal, by storing said secret of the payment application in the safe memory area, said secret of the payment application being required to activate said trust card, receiving payment data for the payment transaction in the user's terminal, the payment data sent from a point-of-sale terminal to the user's terminal over a local communication connection, encrypting in the user's terminal said payment data to obtain encrypted payment data, transmitting said encrypted payment data over a wide area network from said user's terminal to the operator's server system, wherein the operator's server system is configured to check said payment transaction, in response to said transmitting, receiving, in the user's terminal, a second secret from said operator's server system over the wide area network if said checking produced an acceptable result, said second secret relating to said trust card and being configured to be used by the point-of-sale terminal for performing said payment transaction, transmitting over said local communication connection, data of the trust card and said second secret, from said user's terminal to said point-of-sale terminal, wherein the point-of-sale terminal is configured to use the data of the trust card and said second secret to perform said payment transaction.
8. The method according to claim 7, comprising: receiving user data from the user for forming the user's secret, and forming said user's secret on the basis of said user data.
9. The method according to claim 7, wherein said trust card is created and personalized on the server system for every payment event.
10. The method according to claim 7, wherein the state of the trust card is maintained at the server system on the basis of the payment transactions made.
11. A system for making a payment transaction, said system comprising at least one processor, a memory and a computer program code in said memory, the computer program code being configured, when run in said at least one processor, to cause the system to: receive, in a user's terminal, a secret of a payment application executing in the user's terminal, from an operator's server system, said secret having been stored in a memory at said operator's server system and sent from the operator's server system to the user's terminal responsive to an activation of the payment application by the user's terminal, activate a trust card of the payment application, the trust card being stored in a safe memory area in said user's terminal, the trust card being activated by the storing of said secret of the payment application in the safe memory area, said secret of the payment application being required to activate said trust card, receive payment data for the payment transaction in the user's terminal, the payment data sent from a point-of-sale terminal to the user's terminal over a local communication connection, encrypt in the user's terminal said payment data to obtain encrypted payment data, transmit said encrypted payment data over a wide area network from said user's terminal to the operator's server system, wherein the operator's server system is configured to check said payment transaction, in response to said transmitting, receive, in the user's terminal, a second secret from said operator's server system over the wide area network if said checking produced an acceptable result, said second secret relating to said trust card and being configured to be used by the point-of-sale terminal for performing said payment transaction, and transmit over said local communication connection, data of the trust card and said second secret, from said user's terminal to said point-of-sale terminal, wherein the point-of-sale terminal is configured to use the data of the trust card and said second secret to perform said payment transaction.
12. The device according to claim 11, comprising computer program code being configured, when run in said at least one processor, to cause the user's terminal: to receive a user's secret from a user, to form a code from the user's secret and said secret of the payment application received from the operator's server system, and to apply said code for performing said payment transaction.
13. A system for making a payment transaction, the system comprising a server system and a user terminal, the server system comprising at least one processor, a memory and a computer program code in said memory, the computer program code being configured, when run in said at least one processor, to cause the server system to: form a secret in the server system for a payment application executing in the user terminal, said secret for performing said payment transaction, receive a user's secret over a wide area network from the user's terminal for authenticating said user, authenticate said user using the user's secret, encrypt said secret of the payment application in response to a successful authentication of said user, and make said secret of the payment application available for use by the user's terminal; wherein the user terminal is configured to: activate a trust card of the payment application, the trust card being stored in a safe memory area in said user's terminal, by storing said secret of the payment application in the safe memory area, said secret of the payment application being required to activate said trust card, receive payment data for the payment transaction, the payment data sent from a point-of-sale terminal to the user's terminal over a local communication connection, encrypt said payment data to obtain encrypted payment data, transmit said encrypted payment data over a wide area network from said user's terminal to the operator's server system, wherein the operator's server system is configured to check said payment transaction, in response to said transmitting, receive, in the user's terminal, a second secret from said operator's server system over the wide area network if said checking produced an acceptable result, said second secret relating to said trust card and being configured to be used by the point-of-sale terminal for performing said payment transaction, and transmit over said local communication connection, data of the trust card and said second secret, from said user's terminal to said point-of-sale terminal, wherein the point-of-sale terminal is configured to use the data of the trust card and said second secret to perform said payment transaction.
14. The server system according to claim 13, comprising computer program code being configured, when run in said at least one processor, to make the system: to receive payment data of said payment transaction from the user's terminal for checking, and to make a second secret, formed by and stored in a memory of the server system, available for use by the user's terminal, if said checking produces an accepted result, said second secret being configured to be used for performing the payment transaction.
15. The system according to claim 13, comprising computer program code being configured, when run in said at least one processor, to make the server system: to form said secret of the payment application and the user's secret, to form a code from said user's secret and said secret of the payment application, and to configure a trust card stored in a memory of the server system to be supplied to the user's terminal to be activated with said code for performing the payment transaction.
16. The server system according to claim 13, comprising computer program code being configured, when run in said at least one processor, to make the server system: to receive data from the user for forming the user's secret, and to form said user's secret on the basis of said data.
17. A non-transitory computer program product for making a payment, the computer program product comprising a computer software code stored on a non-volatile computer-readable medium, the computer program code, when run in at least one processor, causing a user's terminal to: receive a secret of a payment application executing in the user's terminal, from an operator's server system, said secret having been stored in a memory at said operator's server system and sent from the operator's server system to the user's terminal responsive to an activation of the payment application by the user's terminal, activate a trust card of the payment application, the trust card being stored in a safe memory area in said user's terminal, the trust card being activated by the storing of said secret of the payment application in the safe memory area, said secret of the payment application being required to activate said trust card, receive payment data for the payment transaction in the user's terminal, the payment data sent from a point-of-sale terminal to the user's terminal over a local communication connection, encrypt in the user's terminal said payment data to obtain encrypted payment data, transmit said encrypted payment data over a wide area network from said user's terminal to the operator's server system, wherein the operator's server system is configured to check said payment transaction, in response to said transmitting, receive, in the user's terminal, a second secret from said operator's server system over the wide area network if said checking produced an acceptable result, said second secret relating to said trust card and being configured to be used by the point-of-sale terminal for performing said payment transaction, and transmit over said local communication connection, data of the trust card and said second secret, from said user's terminal to said point-of-sale terminal, wherein the point-of-sale terminal is configured to use the data of the trust card and said second secret to perform said payment transaction.
April 24, 2018